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Amendments to the Claims 



The listing of claims below will replace all prior versions and listings of claims in the 
application. 

1. (Currently Amended) A computer implemented method for securing a file in an 
application environment, file, the method comprising: 

d e termining, in an operating system supporting an application, determining whether 
the file stored in a file system and b eing accessed is secured wh e n a requ e st to acc e ss the fil e 
is received; secured; 

if the file is determined to be secured, activating a cipher module and loading the file 
from the file system through the cipher module into fee an application; and 

if the file is determined to be non-secured, loading the file from the file system into 
the application without activating the cipher module; module. 

wherein the ciph e r modul e , once activat e d, op e rates transparently to a user requesting 
an access to the fil e 

2. (Currently Amended) The method of Claim 1, wherein the cipher module, once activated, 
operates within the an operating system. 

3. (Canceled) 
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4. (Currently Amended) The method of Claim 1, wherein the s e cured file includes a header 
and an encrypted portion, the header including or pointing to security information including a 
file key that, once obtained, can b e used to decrypt the encrypted portion. 

5. (Currently Amended) The method of Claim 4, wherein the determining e£whether the file 
stored in the file system and being accessed is secured comprises determining if the file 
stored in the file system and b eing includes the header. 

6. (Currently Amended) The method of Claim 4, 

wherein the header further includes a flag indicating that the file stored in the file 
system and b eing accessed is secured, and 

wherein the determining of whether the file stored in the file system and b eing 
accessed is secured comprises determining if the file has the flag. 

7. (Currently Amended) The method of Claim 4, wherein the loading ef-the file from the file 
system through the cipher module into the application comprises: 

retrieving the file key; 

decrypting the encrypted portion with the file key in the cipher module; and 
sending the file in clear mode to the application. 

8. (Currently Amended) The method of Claim 7, wherein the security information including 

the file key is encrypted with a user key, and wherein the retrieving e£the file key comprises: 

obtaining a the user key associated with fee a user requesting an access to the file; and 
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decrypting the encrypted security information with the user key to retrieve the file 

key. 

9. (Currently Amended) The method of Claim 8, wherein the security information further 
includes access rules controlling to control how and whe by whom the s e cured file ean is to 
be accessed. 

10. (Currently Amended) The method of Claim 9, wherein the loading e#-the file from the 
file system through the cipher module into the application only happens if an access privilege 
of the user is within permissions granted by the access rules. 

11. (Currently Amended) A computer implemented method for securing a fil e in an 
application environment, file, the method comprising: 

maintaining a file key in a temporary memory space; 

encrypting the file with the file key in a cipher module to produce an encrypted 
portion; 

preparing security information for the encrypted portion, the security information 
being encrypted with a user key and including the file key and access rules to control access 
to the encrypted portion; portion, wherein the access rules in the security information 
comprise user information identifying who has access to the encrypted portion and how the 
encrypted portion is to be accessed; and 

attaching the encrypt e d security information to the encrypted portion. 
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12. (Currently Amended) The method of Claim 44- VL, further comprising deleting the file 
key from the temporary memory space when the attaching ef^the encrypted security 
information to the encrypted portion is complete. 

13. (Currently Amended) The method of Claim 11, wherein the encrypting ef^the file with 
the file key, the preparing ef-the security information, and the attaching e^the e ncrypt e d 
security information happen whenever the file is caused to be stored in a storage space. 

14. (Currently Amended) The method of Claim 11, wherein the encrypting e£-the file with 
the file key, the preparing ef-the security information, and the attaching e£-the encrypted 
security information happen upon receiving an instruction from an application or an operating 
system supporting the application. 

15. (Previously Presented) The method of Claim 14, wherein the application is provided in a 
Microsoft Office product and the operating system is a Microsoft Windows operating system. 

16. (Previously Presented) The method of Claim 14, wherein the instruction is one of (i) 
Save, (ii) Close and (iii) Exit, all provided in the application. 

17. (Previously Presented) The method of Claim 14, wherein the instruction is generated 
from an automatic operation of saving the file being opened into a storage space, the 
automatic operation being triggered by the application itself or the operating system. 
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18. (Currently Amended) The method of Claim 11 further comprising e ncrypting th e 
s e curity information with a 11, wherein the user key ^associated with a member selected 
from a group consisting of a user, a device, a software module, and a group of users. 

19. (Canceled) 

20. (Currently Amended) A computer implemented method for providing access control to a 
filo in an application environm e nt, file, the method comprising: 

forwarding a request to access the file to a file system manager in an operating 

system; 

activating a document securing module by the file system manager to determine 
whether the file stored in a file system driver and being accessed is secured; 

activating a cipher module when if the file is determined to be secured; and 

loading the file from the file system driver through the cipher module into an 
application; application. 

wherein th e ciph e r module, once activated, operat e s transparently to a user r e questing 
an acc e ss to the file. 

21 . (Currently Amended) The method of Claim 20 20^ further comprising: 

retrieving security information from the file when if the file is determined to be 
secured, the security information including a file key and access rules; and 
obtaining an access privilege of a user requesting to access the file. 
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22. (Currently Amended) The method of Claim 21, wherein the activating e£-the cipher 
module proceeds successfully when the access privilege is within permissions granted by the 
access rules. 

23. (Currently Amended) The method of Claim 22f 22, wherein the activating e£the cipher 
module comprises decrypting an encrypted portion of the s e cured file with the file key. 

24. (Currently Amended) A computer readable storage medium having computer program 
code recorded thereon, that when executed by a processor, causes the processor to access a 
file in an application e nvironment b y a method, comprising: 

det e rmining, in an op e rating system, determining whether the file stored in a file 
system and b eing accessed is secured when a requ e st to access th e fil e by an application is 
r e c e ived; secured; 

if the file is determined to be secured, 

activating a cipher modul e that op e rat e s in th e op e rating system; module; and 
loading the file from the file system through the cipher module into the 
application; and 

if the file is determined to be non-secured, 

loading the file from the file system into the application without activating the 
cipher modulo; module. 

wh e rein the cipher module, once activated, operates transparently to a user requesting 
an access to the file 
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25. (Currently Amended) The computer readable storage medium of Claim 24, wherein the 
secured file includes a header and an encrypted portion, the header including or pointing to 
security information including a file key that, once obtain e d, can be used to decrypt the 
encrypted portion. 

26. (Currently Amended) The computer readable storage medium of Claim 25, wherein the 
determining ef^whether the file stored in the file system and being accessed is secured 
comprises determining if the file stored in the file system and being accessed includes the 
header. 

27. (Currently Amended) The computer readable storage medium of Claim 25, wherein the 
loading e£-the file from the file system driver through the cipher module into the application 
comprises: 

retrieving the file key; 

decrypting the encrypted portion with the file key in the cipher module; andr and 
sending the file in clear mode to the application. 

28. (Currently Amended) The computer readable storage medium of Claim 27, wherein the 
security information including the file key is encrypted with a user key, and wherein the 
retrieving ef-the file key comprises: 

obtaining a the user key associated with fee a user requesting an access to the file; and 
decrypting the e ncrypted security information with the user key to retrieve the file 

key. 
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29. (Currently Amended) The computer readable storage medium of Claim 28, wherein the 
security information further includes access rules of how and whe by whom the secured file 
ean is to be accessed. 

30. (Currently Amended) The computer readable storage medium of Claim 29, wherein the 
loading ei^the file from the file system through the cipher module into the application 
proceeds only when an access privilege of the user is within permissions granted by the 
access rules. 

3 1 . (Currently Amended) A computer readable storage medium having computer program 
code recorded thereon, that when executed by a processor, causes the processor to secure a 
file in an application environm e nt b y a method, comprising: 

maintaining a file key in a temporary memory space; 

encrypting the file with the file key in a cipher module to produce an encrypted file, 
wherein the file has been opened with an application and the cipher module operates 
transparently as far as a user executing the application is concerned; and 

storing, in a storage space, a secured file including the encrypted file and a header, 
wherein the header includes or points to security information including the file keyr key, 
wherein the security information further includes access rules of how and by whom the file is 
to be accessed. 
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32. (Currently Amended) The computer readable storage medium of Claim 34- 3L, further 
comprising deleting the file key from the temporary memory space when the application is 
caused to close the file. 

33. (Currently Amended) The computer readable storage medium of Claim 31, wherein the 
encrypting ef-the file with the file key happens whenever the file is caused to be stored in the 
storage space. 

34. (Currently Amended) The computer readable storage medium of Claim 31, wherein the 
encrypting ef^the file with the file key happens upon receiving an instruction from the 
application or an operating system supporting the application. 

35. (Previously Presented) The computer readable storage medium of Claim 34, wherein the 
instruction is one of (i) Save, (ii) Close and (iii) Exit, all provided in the application. 

36. (Previously Presented) The computer readable storage medium of Claim 34, wherein the 
instruction is generated from an automatic operation of saving the file being opened into the 
storage space, the automatic operation is either triggered by the application itself or the 
operating system. 

37. (Canceled) 
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38. (Currently Amended) The computer readable storage medium of Claim 37 31^ further 
comprising encrypting the security information with a user key associated with a member 
selected from a group consisting of a user, a device, a software module, and a group of users. 

39. (Previously Presented) The computer readable storage medium of Claim 31, further 
comprising attaching the header to the encrypted file, wherein the header includes the 
security information encrypted in addition to a flag indicating that the file is secured. 

40. (Currently Amended) A computing device for securing a file in an application 
environment, the computing d e vic e file, comprising: 

an application, wh e n e xecut e d, acc e ssing application configured to access the file that 
includes security information and an encrypted portion, the security information further 
including a file key and access rules, and-the encrypted portion being an encrypted version of 
the file; and 

a cipher module activating configured to activate upon determining that the file being 
accessed is secured; 

wherein the security information is configured to be encrypted with a user key and 
ean key, is configured to be decrypted with the user key when authenticated; authenticated, 
and includes access rules of how and by whom the file is to be accessed; and 

wherein the file key ean is configured to be retrieved to decrypt the encrypted portion 
only after the access rules have been successfully measured against access privilege of the a 
user. 
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41. (Currently Amended) The computing device of Claim 40 40^ further comprising an 
operating system supporting configured to support operations of the application, and wherein 
the cipher module is embedded in the operating system. 

42. (Currently Amended) The computing device of Claim 40, wherein the cipher module 
op e rat e s is configured to operate in a path through which the file is caused to pass when 
accessed by the application. 

43. (Currently Amended) The computing device of Claim 40 40^ further including a 
memory space and a storage space, and wherein the file key is temporarily kept in the 
memory space when the file is successfully loaded into the application. 

44. (Previously Presented) The computing device of Claim 43, wherein the file key is 
deleted from the memory space as soon as the file is written back to the storage space. 

45. (Previously Presented) The computing device of Claim 40, wherein the user key 
becomes authenticated only when the user is authenticated by an authentication process. 

46. (Currently Amended) The computing device of Claim 40, wherein the computing device 
is coupled to a second computing device over a data n e twork, network and the user key 
becomes authenticated only after the user is successfully logged from the computing device 
into the second computing device. 
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47. (Currently Amended) The computing device of Claim 40, wherein the computing device 
is provided with means for capturing biometric data of the user, user and the user key 
becomes authenticated only after the biometric data is successfully verified. 

48. (Original) The computing device of Claim 40, wherein the user key becomes 
authenticated after the computing device receives credential information from the user. 

49. (Previously Presented) The computing device of Claim 48, wherein the credential 
information includes at least one of a password entered by the user, biometric information of 
the user, and personalized information about the user. 

50. (Original) The computing device of Claim 49, wherein the biometric information is 
captured from a device coupled to the computing device. 

51. (Currently Amended) The method of claim 1, further comprising: 

launching an the application when the a request to access the file is received. 

52. (Previously Presented) The method of claim 11, further comprising: 

launching an application that accesses the file. 

53. (Currently Amended) The method of claim 20 20, further comprising: 

launching an application under the operating system when the request to access the 
file is received. 
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54. (Currently Amended) The computer readable storage medium of claim 24, wherein the 
program code stored on the medium, when executed, causes an application to be launched 
when the a request to access the file is received. 

55. (Currently Amended) The computer readable storage medium of claim 31, wherein the 
program code stored on the medium, when executed, causes an the application to be 
launched. 

56. (Previously Presented) The computing device of claim 40, wherein the application is 
launched to access the file. 
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